I’ve edited out the ServerBeach specific stuff and will post pictures…. soonish.

The following link has some great pictures not included here. http://sqlblog.com/blogs/john_paul_c…h-hyper-v.aspx

I’ll add some nice little pictures here once I get some screenshots together.

CONFIGURE HYPERV

1. Configure an “Internal” HyperV network
2. Set each Virtual Machine to use the Internal network and assign them and your HyperV host on the correct subnet (in this example 10.0.0.1 for the host and 10.0.0.10 for the VM).

ENABLE ROUTING AND REMOTE ACCESS ON THE HOST MACHINE

1. Click -> Start -> Administrative Tools -> Routing and Remote Access
2. Right Click on Server#### (local) -> Configure & Enable Routing & Remote Access
3. Click -> Next on Welcome Window
4. Select Custom Configuration Click -> Next
5. Select NAT Click -> Next
6. Select your public interface
7. Select your Internal HyperV interface
8. Select “I will set up name and address services later” Click -> Next
9. Click -> Finish

CONFIGURE ROUTING AND REMOTE ACCESS ON THE HOST MACHINE

1. Routing and Remote Access should be running on the server now
2. Expand out the Server
3. Expand out IP Routing
4. Select NAT/Basic Firewall
5. Right-click your public interface. Select properties
7. Network Address Translation Properties Window will open
8. Select Radio Button for “Public Interface Connected to the Internet”
9. Select the check box for both “Enable NAT on this interface”
10. Click on the Address Pool Tab
11. Click the Add button and add your secondary IP addresses. The “Start Address” and “End Address” will be the same in most cases.

*NOTE* You do not want the secondary IP address configured in the TCP/IP Properties of the Host machine.

12. Click the Reservations button and enter your static IP mappings. That is, specify that you want traffic on your secondary IP mapped to your VM’s internal IP.
13. In services.msc, make sure that RRAS is set to start automatically and Windows ICS is disabled.

NOTES #1

When configuring and experimenting with the RRAS firewall, create a batch file to stop the service in case you forget to allow RDC or otherwise render the system inaccessible.

Code:

net stop “remoteaccess”

Then add the batch file to the scheduler and have it run some time after you apply your changes.

NOTE #2

RRAS is really finicky about the interfaces installed on the server. If an interface is changed in any significant way, it’ll have to be disabled and reconfigured.

Hyper-V is also similarly finicky about its virtual networks. I can’t count the number of times I had to remove and recreate networks. Thankfully, this was rather painless with only one VM to propagate changes to.

If you should encounter any difficulties with adding your additional VMs to the server, try resetting HyperV networking, individual VM network binding (in the VM’s settings), confirming physical host interfaces, and then reconfiguring RRAS in this order.

NOTE #3

Those who have had HyperV configuration problems solved it by disabling TCP/Offload Engine. Symptoms include, RRAS just not working, or working sporadically. If in doubt, disable TCP/Offload Engine

http://social.technet.microsoft.com/…8-d22aca6154ee
http://support.microsoft.com/default…b;EN-US;904946

So if this applies to you, run on the host and on any 2008 VMs:

$ netsh int ip set global taskoffload=disabled

and add the following registry key to any 2003 VMs:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters\DisableTaskOffload

This is a DWORD entry that should have a value of 1.

You can install a Windows XP VM in Virtual PC on your Windows 7 workstation. The cool part is the integration. Install a Windows XP application, and it’s automatically integrated into your Start Menu in Windows 7.

I am so geeking out right now.

This is very much a poorly written hack-job script, and I very much expect that some of you will be able to identify some serious n00b mistakes (probably in that I still haven’t figured out how to properly localize variables), but hey, I don’t think this is half bad for my first PERL script. Yes, PERL. I’ve already been lectured about learning Python instead, but while that’s definitely on the to-do list, this script needed finishing, and I was already halfway through. It’s a tool that’s customized for me, so please hack away, and let me know what you do, as I may like it too!

So, I present, for your consideration and for your critique (please do), ‘ch.pl’ v 0.1.

I generally alias ch=/usr/local/bin/ch.pl for this script in Linux and MacOS, as this lets me leave the file extension the same for when I use it in Windows. To use this in Windows, you’ll need to install PERL first. I use ActivePerl. However please note, I’m still working on making this script Windows friendly.

To install in Linux/MacOS:

• download ch.pl using FTP or wget to /usr/local/bin/
• chmod +x /usr/local/bin/ch.pl
• modify your ~/.bash_aliases file (ubuntu), or your ~/.bashrc (RedHat) to include the following:
  • ‘alias ch=/usr/local/bin/ch.pl’

Usage: ch [hostname or IP] [optional: port(s) to check, separated by commas]

Note to self: Sysinternals is Microsoft’s saving grace:

Process Explorer: A more advanced taskmgr, if you will. It’s most awesome feature is it’s ability to search for processes holding a certain handle, allowing you to resolve locked file issues:

Home page: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Or just run it from http://live.sysinternals.com/procexp.exe

Process Monitor: Basically, Regmon + Filemon:

Home page: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

Or just run it from http://live.sysinternals.com/Procmon.exe

ls -alh /boot/grub #the majority of files in this folder don’t change from the time of install except for menu.lst

ls -alh /restore #BSD

Windows:

Systeminfo #from the command line

- or –

CMD /K WMIC OS GET InstallDate

You’ll see the Operating System installation date (in WMI format). The first eight characters in that output gives you the installation date.

*Windows bit stolen from http://windowsxp.mvps.org/getosdate.htm

Overview: fdisk w/ a W95 partition table
mkdosfs

If you need the step by step, it’s below:

fdisk /dev/sd(whatever drive you want to reparition, ‘b’ in this case), then follow along:

The number of cylinders for this disk is set to 20023.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): m
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition
l list known partition types
m print this menu
n add a new partition
o create a new empty DOS partition table
p print the partition table
q quit without saving changes
s create a new empty Sun disklabel
t change a partition’s system id
u change display/entry units
v verify the partition table
w write table to disk and exit
x extra functionality (experts only)

Command (m for help): n

Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-20023, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-20023, default 20023):
Using default value 20023

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): c
Changed system type of partition 1 to c (W95 FAT32 (LBA))

Command (m for help): p

Disk /dev/sdb: 164.6 GB, 164696555520 bytes
255 heads, 63 sectors/track, 20023 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x000f0136

Device Boot Start End Blocks Id System
/dev/sdb1 1 20023 160834716 c W95 FAT32 (LBA)

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: If you have created or modified any DOS 6.x
partitions, please see the fdisk manual page for additional
information.
Syncing disks.

root@sbrescue:/# mkdosfs /dev/sdb1
mkdosfs 3.0.1 (23 Nov 2008)
root@sbrescue:/# mount /dev/sdb1 /mnt
root@sbrescue:/# cd /mnt
root@sbrescue:/mnt# touch asdf
root@sbrescue:/mnt# ls
asdf
root@sbrescue:/mnt#

All done! =D

AFAIK, it has to do with a NETBIOS limitation.

"The terminal server has exceeded the maximum number of allowed connections."

Stupid machine, don’t give me an error, then kick off the person who can fix it! Well, until now, I was the stupid admin who didn’t know you could do this:

2003,XP SP1,2: mstsc /v:IPorHostname /console
2008,Vista,XP SP3: mstsc /v:IPorHostname /admin

to log into the physical console session. Sweet!

On a related note, if you want to view a session, you can use

shadow 0

to view that session (0 for physical console in Windows 2003). You will have to be authorized by the user that is logged in however, so no spying by default.

Note: Windows 2008 is better about managing additional log in attempts. If the max number of terminals is reached, the new connection can pick which user they want to log off, and the user about to be logged off has the option to allow, allow by ignoring, or deny the request.

Not that a hard reboot won’t do it either… kidding! But in all seriousness…

Windows IIS’s FTP server is configured to use ports 1025-5000 for Passive FTP traffic by default. You can follow the steps at Microsoft’s support page to change the Passive FTP port range.

To enable Passive FTP, Windows Firewall must be configured to allow traffic from these ports. After verifying that the above port range is what you would like open to FTP traffic, each port number must be opened one by one. However, a simple script to automate this process is described here.

And here is a random link (ok, the link itself isn’t random, but the link behind the link is).

Symptom: Every available port from 1024-5000 is used to connect to various servers on destination port 445. Basically, the worm opens these connections to download and wait for malicious binaries.

The removal tools at http://www.bdtools.net/ does not detect this variant, and you have to use Dr.Web’s Cureit to detect and remove it. According to them, the recommended procedure is to install the following hotfixes:
* MS08-067
(http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx);

* MS08-068
(http://www.microsoft.com/technet/security/bulletin/ms08-068.mspx);

* MS09-001
(http://www.microsoft.com/technet/security/bulletin/ms09-001.mspx).

And then run Cureit, a fully functional shareware app.

In case you’re reading this from an infected server, I’ve downloaded and included some of these files here (because if you’re infected, you won’t be able to access certain sites, drweb.com being one).